Saturday, March 18, 2017

Trump & the CIA Being ‘Hacked.’ Time to Recall Operation Buckshot Yankee.

UPDATE, March 19, 2017: Edited the last sentence of the lead paragraph to clarify that it is not clear if the effort to stop the foreign intelligence agency cyberattack has been successful.

Donald Trump gave an interview to Tucker Carlson of Fox News on March 15. And during the interview, “President Trump suggested ‘the CIA was hacked and a lot of things were taken.’ He added ‘that was during the Obama years. That was not during us.’” Those remarks had pundits and Rep. Adam Schiff (D-CA) of the House Intelligence Committee suggesting Trump may have declassified previously unknown intelligence. And while all this is speculation at the moment, Trump’s remarks recall Operation Buckshot Yankee, an action that started circa 2008 to counter a massive foreign intelligence agency cyberattack against the U.S.—an attack so bad that it has never been clear if the effort to stop it has been successful.

Fox News reported Trump’s statements to Carlson and the subsequent reaction to it.

“It would be one thing if the president’s statements were the product of intelligence community discussion and a purposeful decision to disclose information to the public, but that is unlikely to be the case,” Schiff said in a statement.

But Fox later noted that Schiff admitted there is nothing to indicate that anything Trump said is illegal, contrary to other media reports. “[T]he president has the power to declassify whatever he wants...,” Fox reported the Democrat saying.

Yet as politicians and pundits fight over the propriety of what Trump said, it is more interesting and important to think about what he suggested (someone “hacked” the CIA) while remembering the serious cyberattack on unclassified and classified U.S. computer networks starting sometime around 2008 (near the end of the Bush presidency and the start of the Obama administration).

One of the first official acknowledgements of this cyberattack, and the subsequent Operation Buckshot Yankee, came in 2010 when William J. Lynn III, then Deputy Defense Secretary, wrote about it in Foreign Affairs.

In 2008, the U.S. Department of Defense suffered a significant compromise of its classified military computer networks. It began when an infected flash drive was inserted into a U.S. military laptop at a base in the Middle East. The flash drive’s malicious computer code, placed there by a foreign intelligence agency, uploaded itself onto a network run by the U.S. Central Command. That code spread undetected on both classified and unclassified systems, establishing what amounted to a digital beachhead, from which data could be transferred to servers under foreign control. It was a network administrator’s worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary.

And while the government has officially acknowledged the foreign intelligence agency cyberattack and Operation Buckshot Yankee, it is unclear if the U.S. ever stopped the attack—if Operation Buckshot Yankee was successful.

No one should assume that Trump’s comments on Fox News are connected with Operation Buckshot Yankee. However, his comments are enough to start asking legitimate questions about what happened (and what is happening). They are enough to prompt people to recall Operation Buckshot Yankee and to start again inquiring about it and if it was successful.